The CGI scripts in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 do not properly validate an unspecified parameter, which allows remote attackers to execute arbitrary commands by using a command string for this parameter's value, related to a "command injection vulnerability."
References
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 01:23
Type | Values Removed | Values Added |
---|---|---|
References | () http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=887 - | |
References | () http://www.securityfocus.com/archive/1/515628 - | |
References | () http://www.securityfocus.com/bid/45762 - | |
References | () http://www.securitytracker.com/id?1024951 - | |
References | () http://www.vupen.com/english/advisories/2011/0085 - | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/64657 - |
Information
Published : 2011-01-13 19:00
Updated : 2024-11-21 01:23
NVD link : CVE-2011-0271
Mitre link : CVE-2011-0271
CVE.ORG link : CVE-2011-0271
JSON object : View
Products Affected
hp
- openview_network_node_manager
CWE
CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')